PC646

Why not start World War 3 and blame the Chinese....jk I can think of a million different reasons to make your ip come from a specific area or look like another persons address, router block, etc... I guess I'm thinking more of anti-forensics though. If I live in small town middle of USA, and even if I use an open or cracked wifi network, it won't take long for PD to know I'm the local hacker... Then you say "just use a proxy" but while I'm doing my thing I want blame to be aimed at someone or something.

From my own past with audio and video bugs, never directly connect to the pineapple. Use a second access point to bridge you between the pineapple and your computer... Gives you distance and a layer of protection.

Beakmyn, you are dead on... Obviously you can change your mac ID while they walk into the coffee shop, but you might be fucked... So could you do the same netstumbler or an open source program?

Obviously there is TOR and proxies to change your IP address (and programs to change your mac ID) but I'm looking for a tool or proxy that can make my IP address A) come from any area (say china) or B) actually duplicate a known IP and mirror it. I guess I could use a Chinese proxy if I wanted my traffic to look like it was coming from china, but I was hoping for something that did both... Any input would be great. Thx!

Cool little gadget for law enforcement that pinpoints the location of a wifi user, however cant netstumbler do this for free? http://www.digitalcertainty.biz/products.htm

So from my last video someone asked me what a hidden volume was and why they should be using it. So here is a short video how and why to setup undetectable encrypted files on your computer. Trust me, the cops can't see or find these with FTK, Encase or other means. Currently if you are using basic encryption the courts can put you in jail until you turn over your password and decrypt the data. So with a hidden volume you give the courts what they think they want, the password to your "safe" encrypted data (I like to put porn and fake love letters) and they have no way of knowing your "real" files are hidden within the free space of encrypted volume with a different password. I even recommend in the video using a password for the safe data that can be brute force attacked easily so their forensic examiner can get into the file while you will pretend to care in court about protecting your "porn and love letters". All this amounts to plausible deniability and being safe from the feds. http://securitytube.net/Encrypting-your-Di...rypt-video.aspx

Working in this field, I can tell you first hand you are right. A) Most feds are dumb and years behind and B) these tools are only used to catch the low hanging super dumb criminals. I posted the article for entertainment value and a wake up call to the noobs who have no scope. Scope is the key, if you are going to be a successful hacker, criminal or fed, you need to be ahead of the game like in chess. Would anyone care to add to the post successful ways not to get caught? 1) Linux Live Boot Disc 2) Random Open Wifi (No coffee shops, they might get you with credit cards, photo line ups, cctv, etc) 3) TOR 4) Random or better yet MAC Address mirrored to computer on open wifi (Sorry random dude for getting your door kicked in and computer taken) 5) Encrypted Hidden Systems 6) Destroy cheap computer or drive (with hammer) 7) Abstinence ;) 8) ...

1. When using the airpcap card you dont need to fake anything. Its all passive collection of data. 2. The wireless device for net stumbler was the wireless chipset in my Dell Mini 9. For ARP injection and the promiscuous collection of data you need the airpcap usb card.

I put together this video on wifi monitoring: http://securitytube.net/How-to-Covertly-Mo...orks-video.aspx Feedback would be appreciated, thanks

Anyone want to buy a pretty new Airpcap tx card? $250 I'll include wireshark for free ;) Hit me up privately if you are interested. Paypal only...

Did anyone read this? FBI using spyware to catch hackers and other people hiding behind proxies... http://blog.wired.com/27bstroke6/2009/04/f...pyware-pro.html

Did you see my posting on Netwitness's Investigator software? Its free and crazy powerful for recreating data packets. http://www.netwitness.com/products/investigator.aspx Or look on youtube for some samples of it...

Yup I remember seeing that too. The biggest challenge he had was unscrewing the cable using a tight dollar bill as a grip...

He is referring to Johnny Longs using a bill to unscrew a hotel coax cable, then plugging it into your computer to roam around the data lines of a hotel billing system. I couldn't find a video on it, but Johnny Long brags about it here: http://news.cnet.com/8301-1009_3-9995479-83.html

Thanks for the input!

Has anyone used Mac Shift, a free windows program to change your MAC address? I just downloaded it and am testing it out but I thought I would ask around here... http://devices.natetrue.com/macshift/

But how common is that and Cain/Abel allows for random fake MAC addresses to limit pointing the finger at you.

Netwitness Investigator- I came across this program (long story how) that recreates data packets, pulls passwords, etc in an amazing fashion. Originally designed for the intelligence community, it is now free. http://download.netwitness.com/download.php?src=DIRECT Let me know your thoughts or if you know of anything better.

Can APR Poisoning be detected? or tracked later?

Why worry about two different encryptions? Get yourself a FDE drive and dont worry anymore. Courts have ruled that giving up your password is the same as self incrimination ONLY IF the government never saw a hint of the wrong doings on the drive. If they know shit is on there (from some proof), the password is treated like a key to an object they already know exists and you can be forced with jail time (contempt of court) for not giving it up. Even with a drive using true crypt installed, a forensic reviewer might find enough unencrypted evidence for the courts to force you to give up the password. With a FDE encrypted drive even a noob cant fuck things up. EVERYTHING is encrypt properly. Just make sure you power off your FDE computer or unplug your maxtor blackarmor as the feds kick in your door. I love true crypt, but even my lazy ass loves the added protection of an FDE setup.

Hey dumb noobs (if you dont even know what noob means just leave) before posting on here and asking stupid questions about loading pocketknife to your USB or asking why VNC asks for a password please start at PAGE 1 and read ALL of the forum. I guarantee you will find the answer you are looking for (even though you don't deserve this well created program.) Peace www.how2stalk.com

I wanted to reach out to you all and see if anyone was interested in posting some articles (mirrored from here, other sites or your own shit) to my blog How2Stalk.com. The site is just a small collection of tricks and tips to harass, prank and fuck with people. Most of it centers around newbies but anything you would like to add or see would be great. After years of PI work and computer forensics I thought it would be cool to share some of the tactics friends and peers are always requesting of me. Thanks